<?php
/*  
  Copyright (c) 2010-02 SongCMS 
  SongCMS All Rights Reserved. 
  Support:www.SongCMS.com
  QQ:544255858   19951025
  Author:Song  Version:3.17
  Date:2010-08-12 09:28:32
*/
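/**
 * Front-end member accounts: registration, login, logout and the
 * "current member" lookup, with optional UCenter single sign-on when
 * UC_ENABLED is 1.
 *
 * Security review notes for the whole class:
 *  - Login state lives only in client-side cookies (`User[...]` plus the fixed
 *    marker `isLogin=songcms`). Nothing here signs those cookies or ties them
 *    to a server-side session, so member() accepts whatever `User[Name]` the
 *    browser presents. A server-side session or an HMAC-signed cookie is the
 *    real fix and needs changes outside this class.
 *  - Request values are interpolated into SQL text. Whether the request
 *    bootstrap or the parent `db` class escapes them is not visible in this
 *    file; unless one of them does, every query marked NOTE(review) below is
 *    injectable and should move to bound parameters or the db layer's own
 *    escaping routine.
 *  - Passwords are stored as unsalted md5(). Moving to password_hash() /
 *    password_verify() needs a column-width check and a rehash-on-login
 *    migration, so it is flagged here rather than changed.
 *  - MsgBox() is defined elsewhere and it is not visible here whether it ends
 *    the request. Every failure path therefore returns explicitly after
 *    calling it, so no later statement can run on a rejected request.
 */
class user extends db{
	public $Audit = 0; // written to `UserAudit` on inserted rows; scLogin() only admits rows where it is 1
	public $UC_dir = 'plugins/ucenter/'; // UCenter plugin directory (config and client are included from here)
	public $AbnormalURL = ''; // redirect target handed to MsgBox() when login fails
	public $SuccessURL = ''; // redirect target on success; the value 'returns' makes login() return 9 instead

	/**
	 * Loads the optional UCenter config and sets the default redirect URLs.
	 */
	public function __construct(){
		parent::__construct();
		global $Lang;
		$UC_CONFIG = $this->UC_dir.'config.inc.php';
		if(is_file($UC_CONFIG)) include_once($UC_CONFIG);
		// Without a UCenter config the integration is switched off.
		if(!defined('UC_ENABLED')) define('UC_ENABLED',0);
		$this->AbnormalURL = $this->SuccessURL = ($Lang == 1) ? './?flogin' : "./?flogin/l{$Lang}";
	}

	/**
	 * Returns the database row of the member named by the login cookies.
	 *
	 * If the cookies are missing, or no row can be found or created, the
	 * visitor is sent to the login page through MsgBox() and null is returned.
	 * With UCenter enabled, a member known to UCenter but not yet present
	 * locally gets a local row created first.
	 *
	 * @return array|null the member row, or null when access is refused
	 */
	public function member(){
		global $Lang,$Warning;
		$Origin = $Lang == 1 ? './?flogin' : "./?flogin/l{$Lang}";
		// A cookie may arrive as an array (User[Name][]=...); only accept a plain string.
		$CookieName = (isset($_COOKIE['User']['Name']) && is_string($_COOKIE['User']['Name'])) ? $_COOKIE['User']['Name'] : '';
		$LoginMark = isset($_COOKIE['isLogin']) ? $_COOKIE['isLogin'] : '';
		if(empty($CookieName) || $LoginMark !== 'songcms'){
			MsgBox(1,$Warning[19],$Origin);
			return null;
		}
		// NOTE(review): $CookieName is client-controlled and reaches the SQL text as-is.
		$SQL = "SELECT * FROM `{$this->dbprefix}user` WHERE `UserName` = '{$CookieName}'";
		$result = $this->SelectSQL($SQL,1);
		if(count($result) == 1){
			return array_shift($result);
		}
		if(UC_ENABLED != 1){
			MsgBox(1,$Warning[19],$Origin);
			return null;
		}
		include_once($this->UC_dir.'uc_client/client.php');
		list($uid,$username,$email) = uc_get_user($CookieName,0);
		if(!($uid > 0)){
			// Fix: this case used to fall through and return null without refusing the request.
			MsgBox(1,$Warning[19],$Origin);
			return null;
		}
		// NOTE(review): $username / $email come back from UCenter and are interpolated unescaped.
		$SQL = "INSERT INTO `{$this->dbprefix}user` (`UserName`,`UserEmail`,`UserLogin`,`UserLoginIP`,`UserLoginTime`,`UserRegIP`,`UserRegTime`,`UserAudit`)";
		$SQL .= "VALUES ('{$username}','{$email}','0','" . $_SERVER['REMOTE_ADDR'] . "',NOW(),'" . $_SERVER['REMOTE_ADDR'] . "',NOW(),'{$this->Audit}');";
		// presumably ExecuteSQL(...,1) returns the new row id -- confirm against the db class
		$oid = (int)$this->ExecuteSQL($SQL,1);
		$SQL = "SELECT * FROM `{$this->dbprefix}user` WHERE `ID` = '{$oid}'";
		$result = $this->SelectSQL($SQL,1);
		// Fix: an unconditional return used to sit in front of this check, which
		// made the failure branch unreachable and handed callers null.
		if(count($result) == 1){
			return array_shift($result);
		}
		MsgBox(1,'Error:55140',$Origin);
		return null;
	}

	/**
	 * Registers a member from the posted form, in UCenter first when it is
	 * enabled, then in the local user table. The outcome is reported through
	 * MsgBox().
	 */
	public function reg(){
		global $Warning,$Lang,$SC,$Html;
		$uid = 0;
		if(UC_ENABLED == 1){
			include_once($this->UC_dir.'uc_client/client.php');
			$uid = uc_user_register($_POST['UserName'],$_POST['UserPassword'],$_POST['UserEmail']);
			// A rejected UCenter registration must not go on to create a local row.
			switch ($uid){
				case -1 :
				case -2 : MsgBox (1,$Html['Reg'][0],'-1'); return;
				case -3 : MsgBox (1,$Warning[16],'-1'); return;
				case -4 :
				case -5 :
				case -6 : MsgBox (1,$Html['Reg'][5],'-1'); return;
			}
		}
		// NOTE(review): posted values are interpolated into both statements below unescaped.
		$scount = $this->SelectSQL("SELECT `ID` FROM `{$this->dbprefix}user` WHERE `UserName` = '{$_POST['UserName']}'",0);
		if(count($scount) == 0){
			// NOTE(review): unsalted md5() is not a password hash; see the class header.
			$SQL = "INSERT INTO `{$this->dbprefix}user` (`UserName`,`UserPassword`,`UserProtectionQuestion`,`UserProtectionAnswer`,
			`UserTrueName`,`UserSex`,`UserEmail`,`UserCompany`,`UserWeb`,`UserAddress`,`UserTel`,`UserFax`,`UserLevel`,
			`UserLogin`,`UserLoginIP`,`UserLoginTime`,`UserRegIP`,`UserRegTime`,`UserAudit`)
			VALUES ('" . $_POST['UserName'] . "','" . md5($_POST['UserPassword']) . "','" . $_POST['UserProtectionQuestion'] . "',
			'" . $_POST['UserProtectionAnswer'] . "','" . $_POST['UserTrueName'] . "','" . $_POST['UserSex'] . "','" . $_POST['UserEmail'] . "',
			'" . $_POST['UserCompany'] . "','" . $_POST['UserWeb'] . "','" . $_POST['UserAddress'] . "','" . $_POST['UserTel'] . "','" . $_POST['UserFax'] . "',
			'" . '0' . "','0','" . $_SERVER['REMOTE_ADDR'] . "',NOW(),'" . $_SERVER['REMOTE_ADDR'] . "',NOW(),'" . $this->Audit . "');";
			$SC -> cache -> clearAll();
			if($this->ExecuteSQL($SQL)){
				MsgBox (1,$Warning[17],"./?l{$Lang}/");
			} else {
				MsgBox (1,$Warning[18],'-1');
			}
		} elseif($uid == 0) {
			// The name already exists locally and UCenter did not create it.
			MsgBox (1,$Warning[16],'-1');
		} else {
			MsgBox (1,$Warning[17],"./?l{$Lang}/");
		}
	}

	/**
	 * Handles the posted login form.
	 *
	 * With UCenter enabled the credentials are verified by UCenter and the
	 * local login then runs with its own password check switched off. A failed
	 * UCenter login must therefore never reach scLogin().
	 *
	 * @return int|null 9 when login succeeded and SuccessURL is 'returns', otherwise null
	 */
	public function login(){
		global $Warning,$SC;
		// Array-valued fields (Member[]=...) are treated as empty instead of reaching trim()/md5().
		$Member = (isset($_POST['Member']) && is_string($_POST['Member'])) ? $_POST['Member'] : '';
		$Password = (isset($_POST['Password']) && is_string($_POST['Password'])) ? $_POST['Password'] : '';
		$sCookies = isset($_POST['sCookies']) ? $_POST['sCookies'] : '';
		$sExpire = $sCookies === 'yes' ? (time()+2592000) : 0; // 2592000 s = 30 days; 0 = browser-session cookie
		if(UC_ENABLED == 1){
			include_once($this->UC_dir.'uc_client/client.php');
			list($uid, $username, $password, $email) = uc_user_login($Member,$Password);
			if($uid > 0){
				setcookie('Example_auth', uc_authcode($uid."\t".$username,'ENCODE'),$sExpire,'/');
				// Buffer the sync-login output so the cookies set later can still be sent.
				ob_start();
				echo uc_user_synlogin($uid);
				// NOTE(review): $username / $email from UCenter are interpolated unescaped.
				$ct = $this->SelectSQL("SELECT `ID` FROM `{$this->dbprefix}user` WHERE `UserName` = '{$username}'",0);
				if(count($ct) == 0){
					$SQL = "INSERT INTO `{$this->dbprefix}user` (`UserName`,`UserPassword`,`UserEmail`,`UserLogin`,`UserLoginIP`,`UserLoginTime`,`UserRegIP`,`UserRegTime`,`UserAudit`)";
					$SQL .= "VALUES ('{$username}','" . md5($password) . "','{$email}','0','" . $_SERVER['REMOTE_ADDR'] . "',NOW(),'" . $_SERVER['REMOTE_ADDR'] . "',NOW(),'{$this->Audit}');";
					$this->ExecuteSQL($SQL);
				}
			} else {
				// Fix: stop here. Falling through would call scLogin() with the
				// password check disabled for a login UCenter has just rejected.
				if($uid == -1){
					MsgBox(1,$Warning[2],$this->AbnormalURL);
				} elseif($uid == -2) {
					MsgBox(1,$Warning[3],$this->AbnormalURL);
				} else {
					MsgBox(1,$Warning[1],$this->AbnormalURL);
				}
				return null;
			}
		}
		// The local password check is skipped only after UCenter has accepted the credentials above.
		$ispss = UC_ENABLED == 1 ? 'no' : 'yes';
		switch($this->scLogin(trim($Member),trim($Password),$sCookies,$ispss)){
			case 9:
				$SC -> cache -> clearAll();
				if($this->SuccessURL != 'returns'){
					MsgBox(0,'',$this->SuccessURL);
				} else {
					return 9;
				}
				break;
			case 1: MsgBox(1,$Warning[2],$this->AbnormalURL); break;
			case 2: MsgBox(1,$Warning[3],$this->AbnormalURL); break;
			case 3: MsgBox(1,$Warning[4],$this->AbnormalURL); break;
			case 4: MsgBox(1,$Warning[5],$this->AbnormalURL); break;
			default: MsgBox(1,$Warning[1],$this->AbnormalURL); break;
		}
		return null;
	}

	/**
	 * Checks a member against the local user table and, on success, sets the
	 * login cookies and updates the login counters.
	 *
	 * NOTE(review): this method is public and any $isPs value that does not
	 * compare equal to 'yes' skips the password check; callers other than
	 * login() should be audited.
	 *
	 * @param string $UserName  member name to look up
	 * @param string $Password  plain-text password (hashed with md5 here)
	 * @param string $sCookies  'yes' keeps the cookies for 30 days
	 * @param string $isPs      'yes' to verify the password
	 * @return int 9 success, 1 unknown user, 2 wrong password, 3 account not audited, 4 update failed
	 */
	public function scLogin($UserName,$Password,$sCookies,$isPs='yes'){
		$Password = md5($Password);
		// NOTE(review): $UserName reaches the SQL text unescaped.
		$SQL = "SELECT * FROM `{$this->dbprefix}user` WHERE `UserName` = '{$UserName}'";
		$Ls = $this->SelectSQL($SQL,1);
		if(count($Ls) != 1){return 1;}
		$Ls = array_shift($Ls);
		// Fix: compare the hashes as strings. With a loose comparison two different
		// digests that both look numeric (for example "0e" followed only by digits)
		// compare equal.
		if($isPs == 'yes' && $Password !== (string)$Ls['UserPassword']){return 2;}
		if($Ls['UserAudit'] != 1){return 3;}
		$sExpire = $sCookies == 'yes' ? (time()+2592000) : 0;
		// NOTE(review): these cookies are unsigned and set without the Secure/HttpOnly
		// flags; nothing that authorises a request should trust them (User[Level] included).
		setcookie("User[ID]",$Ls['ID'],$sExpire,'/');
		setcookie("User[Name]",htmlspecialchars($Ls['UserName']),$sExpire,'/');
		setcookie("User[TrueName]",htmlspecialchars($Ls['UserTrueName']),$sExpire,'/');
		setcookie("User[Email]",htmlspecialchars($Ls['UserEmail']),$sExpire,'/');
		setcookie("User[Company]",htmlspecialchars($Ls['UserCompany']),$sExpire,'/');
		setcookie("User[Level]",$Ls['UserLevel'],$sExpire,'/');
		setcookie("User[Login]",($Ls['UserLogin']+1),$sExpire,'/');
		setcookie("User[LoginIP]",$Ls['UserLoginIP'],$sExpire,'/');
		setcookie("User[LoginTime]",$Ls['UserLoginTime'],$sExpire,'/');
		setcookie('isLogin','songcms',$sExpire,'/');
		$SQL = "UPDATE `{$this->dbprefix}user` SET `UserLoginIP` = '" . $_SERVER['REMOTE_ADDR'] . "',";
		// The id is placed in the statement unquoted, so force it to an integer.
		$SQL .= "`UserLoginTime` = NOW(),`UserLogin` = (`UserLogin`+1) WHERE `ID` = " . (int)$Ls['ID'] . " LIMIT 1 ;";
		if(!$this->ExecuteSQL($SQL)){return 4;}
		return 9;
	}

	/**
	 * Logs the member out: clears the login cookies (and the UCenter ones when
	 * enabled), flushes the cache, redirects and ends the request.
	 */
	public function logout(){
		global $SC,$WebStaticHTML,$Lang;
		if(UC_ENABLED == 1) {
			include_once($this->UC_dir.'uc_client/client.php');
			setcookie('Example_auth','',0,'/');
			setcookie('Example_auth','',0);
			echo uc_user_synlogout();
		}
		// Fix: clear every cookie scLogin() sets, not only User[Name]; the rest used to
		// stay in the browser after logout. Each is cleared for '/' and the default path.
		foreach(array('ID','Name','TrueName','Email','Company','Level','Login','LoginIP','LoginTime') as $Field){
			setcookie("User[{$Field}]",'',0,'/');
			setcookie("User[{$Field}]",'',0);
		}
		setcookie('isLogin','',0,'/');
		setcookie('isLogin','',0);
		$SC -> cache -> clearAll();
		$OutURL = $WebStaticHTML == 0 ? "./?l{$Lang}" : ($Lang == 1 ? './' : "./html/index{$Lang}.html");
		MsgBox(0,'',$OutURL);
		exit();
	}
}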
?>